Cribis Credit Management s.r.l.
€10,000
Insufficient legal basis for data processing
Päätöspäivä
9. kesäkuuta 2022
Viranomainen
Italian Data Protection Authority (Garante)
IT
Ala
Finance, Insurance and Consulting
Maa
IT
Laki
GDPRTila
FINALKuvaus
The Italian DPA has fined Cribis Credit Management s.r.l. EUR 10,000. The company had inadvertently sent an e-mail about late payments on a subscription to the head of the data subject. This allowed the head to gain access to their employee's personal data such as name, surname and payment status information.
Oikeudelliset viittaukset
Art. 5 (1)Art. 6
Asiat ja rikkomukset
Insufficient legal basis for data processing